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DETAILED ACTION 



1 . Applicant's response filed on May 22, 2009 has been fully considered. 
New Claims 33-35 have been added. Claims 1,3-8, 10-15, 17-21, and 23-30, 32-35 
are pending. 

Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been obvious 
at the time the invention was made to a person having ordinary skill in the art to which said 
subject matter pertains. Patentability shall not be negatived by the manner in which the invention 
was made. 

3. Claims 1, 3-8, 10-15, 17-21 and 23-30, 32-35 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Arrow et al. (U.S. Patent No. 6,175,917 B1), 
hereinafter "Arrow", in view of Sullenberger et al. (U.S. Patent No. 7,447,901 B1), 
hereinafter "Sullengerger". 

Referring to claim 1 : 

i. Arrow teaches: 

A network comprising: 

IP processing apparatuses, which use an IP (Internet Protocol) for 
encrypting and authenticating communications via the Internet between two different 
centers (see figure 1, elements 115, 125, 135, 145, 155; and column 6, line 61, through 
column 7, line 7, of Arrow); and 
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an IP setting apparatus, which manages IP settings of the IP 
processing apparatuses (see figure 1, element 160 'VPN management station'; figure 
13, elements 1314 "define access control rules", 1316 "define address translation rules"; 
and column 15, line 69, through column 16, line 15, of Arrow); 

wherein in response to receiving a request from a first IP processing 
apparatus to communicate with a second IP processing apparatus, the second IP 
setting apparatus transmits a response (see column 7, lines 26-45, of Arrow). 

Arrow further discloses that the IP setting apparatus transmits a 
common encryption key to the first and second IP process apparatuses to be used to 
encrypt and authenticate IP communications between the first and second process 
apparatuses (see column 1 1 , lines 27-34, of Arrow). 

Arrow discloses IP protocol and IP packets (see column 6, lines 51- 
54 of Arrow). However, Arrow does not specifically mention the IPsec (Internet Protocol 
security protocol). Neither does Arrow Specifically mention that a VPN unit makes a 
request to the VPN management unit in order to communicate with another VPN unit. 

ii. Sullenberger teaches a method for establishing a dynamic 
multipoint encryption virtual private network, wherein Sullenberger that a VPN unit 
makes a request to the VPN management unit in order to communicate with another 
VPN unit to dynamically establish an encrypted virtual private network (see figure 1; and 
column 10, lines 38-51, of Sullenberger). Sullenberger further discloses the IPsec 
protocol (see column 1, lines 50-59, of Sullenberger). 

iii. The ordinary skilled person would have been motivated to have 
applied the teaching of Sullenberger into the system of Arrow such that a VPN unit 
makes a request to the VPN management unit in order to communicate with another 
VPN unit and dynamically establish an encrypted virtual private network, because Arrow 
teaches "VPN management station 160 controls VPN units 115, 125 and 135 through 
commands and configuration information transmitted to the respective VPN unit through 
public network 100." (see column 6, lines 31-34, of Arrow, emphasis added). 
Sullenberger teaches "The invention relates more specifically to a method and 
apparatus for establishing a dynamic multipoint encrypted virtual private network 
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(VPN )." (see column 1, lines 19-21, of Sullenberger, emphasis added). Therefore, 
Sullenberger's teaching could enhance Arrow's system. 

Referring to claims 3-4, 10-11,16, 23-24, 29 : 

Arrow and Sullenberger teach the claimed subject matter: a network (see 
claim 1 above). They further disclose transmitting messages between IPsec setting 
server apparatus and IPsec processing apparatus (see column 9, lines 19-22 of Arrow). 

Referring to claims 5, 12, 25 : 

Arrow and Sullenberger teach the claimed subject matter: a network (see 
claim 1 above). They further disclose generating SA (Security Association) parameters 
(see figure 13, element 1310 'define VPN parameters'; and column 15, lines 52-54 of 
Arrow). 

Referring to claims 6, 13, 26 : 

Arrow and Sullenberger teach the claimed subject matter: a network (see 
claim 1 above). They further disclose send a message including the policies and the SA 
parameters (see figure 13, elements 1310, 1314, 1316; and column 9, lines 19-22 of 
Arrow). 

Referring to claims 7, 14, 19, 27 : 

Arrow and Sullenberger teach the claimed subject matter: a network (see 
claim 1 above). They further disclose the keys for encryption and authentication (see 
column 1 1 , lines 32-34 of Arrow). 
Referring to claim 8 : 

i. Arrow teaches: 

An IP setting apparatus managing IP setting of IP processing 
apparatuses, which use an IP (Internet Protocol) for securing communication via the 
Internet between two different centers (see figure 1, element 160; figure 13, elements 
1314 "define access control rules", 1316 "define address translation rules"; and column 
15, line 69, through column 16, line 15, of Arrow), 

wherein said IP setting apparatus manages IP policies applied 
among IP processing apparatus(see figure 1, element 160; figure 13, elements 1314 
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"define access control rules", 1316 "define address translation rules"; and column 15, 
line 69, through column 16, line 15 of Arrow), and 

wherein said IP setting apparatus includes means for specifying 
specifies the IP policies of said IP to be applied between a first IP processing 
apparatus and the second IP processing apparatus (see figure 1 1 , element 1 102 
' receive request to configure VPN unit'; figure 1 3, elements 1 31 0 'define VPN 
parameters', 1314 'define access control rules '. 1316 'define address translation rules '; 
and column 15, line 52-column 16, line 15, of Arrow, emphasis added). 

Arrow discloses IP protocol and IP packets (see column 6, lines 51- 
54 of Arrow). However, Arrow does not specifically mention the IPsec (Internet Protocol 
security protocol). Neither does Arrow Specifically mention that a VPN unit makes a 
request to the VPN management unit in order to communicate with another VPN unit. 

ii. Sullenberger teaches a method for establishing a dynamic 
multipoint encryption virtual private network, wherein Sullenberger that a VPN unit 
makes a request to the VPN management unit in order to communicate with another 
VPN unit to dynamically establish an encrypted virtual private network (see figure 1 ; and 
column 10, lines 38-51, of Sullenberger). Sullenberger further discloses the IPsec 
protocol (see column 1, lines 50-59, of Sullenberger). 

iii. The ordinary skilled person would have been motivated to have 
applied the teaching of Sullenberger into the system of Arrow such that a VPN unit 
makes a request to the VPN management unit in order to communicate with another 
VPN unit and dynamically establish an encrypted virtual private network, because Arrow 
teaches "VPN management station 160 controls VPN units 1 15, 125 and 135 through 
commands and configuration information transmitted to the respective VPN unit through 
public network 100." (see column 6, lines 31-34, of Arrow, emphasis added). 
Sullenberger teaches "The invention relates more specifically to a method and 
apparatus for establishing a dynamic multipoint encrypted virtual private network 
(VPN )." (see column 1, lines 19-21, of Sullenberger, emphasis added). Therefore, 
Sulzberger's teaching could enhance Arrow's system. 

Referring to claim 15 : 
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i. Arrow teaches: 

An IP processing apparatus using an IP (Internet Protocol) on the 

Internet, 

wherein said IP processing apparatus receives from an IP setting 
apparatus managing communication a packet containing the IP to be applied to 
communication with another IP processing apparatus, determines whether or not to 
request from the IP setting apparatus a setting for IP communication (see column 4, 
lines 38-40; column 11, lines 27-30 of Arrow), and 

wherein the IP processing apparatus transmits a request to the IP 
setting apparatus in order to receive from the IP setting apparatus a setting for IP 
communication (see figure 11, element 1102 ' receive request to configure VPN unit'; 
figure 13, elements 1310 'define VPN parameters', 1314 'define access control rules '. 
1316 'define address translation rules ': and column 15, line 52-column 16, line 15, of 
Arrow, emphasis added). 

Arrow discloses IP protocol and IP packets (see column 6, lines 51- 
54 of Arrow). However, Arrow does not specifically mention the IPsec (Internet Protocol 
security protocol). Neither does Arrow Specifically mention that a VPN unit makes a 
request to the VPN management unit in order to communicate with another VPN unit. 

ii. Sullenberger teaches a method for establishing a dynamic 
multipoint encryption virtual private network, wherein Sullenberger that a VPN unit 
makes a request to the VPN management unit in order to communicate with another 
VPN unit to dynamically establish an encrypted virtual private network (see figure 1 ; and 
column 10, lines 38-51, of Sullenberger). Sullenberger further discloses the IPsec 
protocol (see column 1, lines 50-59, of Sullenberger). 

iii. The ordinary skilled person would have been motivated to have 
applied the teaching of Sullenberger into the system of Arrow such that a VPN unit 
makes a request to the VPN management unit in order to communicate with another 
VPN unit and dynamically establish an encrypted virtual private network, because Arrow 
teaches "VPN management station 160 controls VPN units 1 15, 125 and 135 through 
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commands and configuration information transmitted to the respective VPN unit through 
public network 100." (see column 6, lines 31-34, of Arrow, emphasis added). 
Sullenberger teaches "The invention relates more specifically to a method and 
apparatus for establishing a dynamic multipoint encrypted virtual private network 
(VPN )." (see column 1, lines 19-21, of Sullenberger, emphasis added). Therefore, 
Sulzberger's teaching could enhance Arrow's system. 
Referring to claims 18, 30 : 

Arrow and Sullenberger teach the claimed subject matter: an IPsec 
processing apparatus (see claim 15 above). They further disclose the SPD [i.e., 
Security Policy Database], SAD [i.e., Security Association Database] (see figure 2, 
elements 203 'IPSec Policy', 124C 'security association', of Sullenberger). 
Referring to claims 20, 32 : 

Arrow and Sullenberger teach the claimed subject matter: an IPsec 
processing apparatus (see claim 15 above). They further disclose acquiring new setting 
information (see column 10, lines 41-51 of Arrow). 
Referring to claim 21 : 

i. Arrow teaches: 

An IPsec setting method comprising: 

receiving from IP processing apparatus a request (see column 14, 
lines 33-44, of Arrow), 

retrieving IP policy rules from memory and generating IP settings 
parameters based on the content of the request from the IP processing apparatus and 
the retrieved policy rules (see column 14, lines 33-44, of Arrow); and 

transmitting the generated IP settings to the IP processing 
apparatus (see column 14, lines 33-44, of Arrow). 

Arrow discloses IP protocol and IP packets (see column 6, lines 51- 
54 of Arrow). However, Arrow does not specifically mention the IPsec (Internet Protocol 
security protocol). Neither does Arrow Specifically mention that a VPN unit makes a 
request to the VPN management unit in order to communicate with another VPN unit. 
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ii. Sullenberger teaches a method for establishing a dynamic 
multipoint encryption virtual private network, wherein Sullenberger that a VPN unit 
makes a request to the VPN management unit in order to communicate with another 
VPN unit to dynamically establish an encrypted virtual private network (see figure 1 ; and 
column 10, lines 38-51, of Sullenberger). Sullenberger further discloses the IPsec 
protocol (see column 1, lines 50-59, of Sullenberger). 

iii. The ordinary skilled person would have been motivated to have 
applied the teaching of Sullenberger into the system of Arrow such that a VPN unit 
makes a request to the VPN management unit in order to communicate with another 
VPN unit and dynamically establish an encrypted virtual private network, because Arrow 
teaches "VPN management station 1 60 controls VPN units 115, 1 25 and 1 35 through 
commands and configuration information transmitted to the respective VPN unit through 
public network 100." (see column 6, lines 31-34, of Arrow, emphasis added). 
Sullenberger teaches "The invention relates more specifically to a method and 
apparatus for establishing a dynamic multipoint encrypted virtual private network 
(VPN )." (see column 1, lines 19-21, of Sullenberger, emphasis added). Therefore, 
Sullenberger's teaching could enhance Arrow's system. 

Referring to claim 28 : 

Arrow and Sullenberger teach the claimed subject matter: an IPsec setting 
method (see claim 21 above). They further disclose the inquiry means (see column 14, 
line 25, of Arrow). 

Referring to claim 33-35 : 

Arrow and Sullenberger teach the claimed subject matter: a network (see 
claim 1 above). They further discloses transmitting the encryption key to the first and 
the second IPsec processing apparatus depending on their addresses (see column 9, 
lines 18-22, of Arrow). They further disclose the common encrypt key (see column 2, 
lines 24-29, of Sullenberger). 



Response to Arguments 
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4. Applicant's arguments, filed on October May 22, 2009, have been fully 
considered and are persuasive. Therefore, the rejection has been withdrawn. 
However, upon further consideration, a new ground(s) of rejection is made in view of 
Sullenberger. 

Conclusion 

5. Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Joseph Pan whose telephone number is 571-272- 
5987. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Kim Vu can be reached at 571-272-3859. The fax and phone 
numbers for the organization where this application or proceeding is assigned is 703- 
872-9306. 

Any inquiry of a general nature or relating to the status of this application 
or proceeding should be directed to the receptionist whose telephone number is 571- 
272-2100. 



Joseph Pan 
August 4, 2009 
/Kimyen Vu/ 

Supervisory Patent Examiner, Art Unit 2435 



